Double Ratchet Algorithm: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 20:47, 17 August 2024 edit Phalaenopsisis (talk \| contribs) 28 edits →History: Red link : missing page for a renowned french researcher. Tags: Reverted Mobile edit Mobile web edit ← Previous edit		Latest revision as of 14:17, 28 July 2025 edit undo Dubidubno (talk \| contribs) 362 edits m wikilink to Algorithm
(7 intermediate revisions by 5 users not shown)
Line 3: [[File:Double Ratchet Algorithm.png\|350px\|thumb\|right\|Full ratchet step in the double ratchet algorithm. The Key Derivation Function (KDF) provides the ratcheting mechanism. The first "ratchet" is applied to the symmetric root key, the second ratchet to the asymmetric Diffie Hellman (DH) key.<ref>Trevor Perrin (editor), Moxie Marlinspike, "[https://signal.org/docs/specifications/doubleratchet/ The Double Ratchet Algorithm]. Revision 1, 2016-11-20</ref>]] In [[cryptography]], the '''Double Ratchet Algorithm''' (previously referred to as the '''Axolotl Ratchet'''<ref name="Perrin-2016-03-30">{{cite web\|last1=Perrin\|first1=Trevor\|title=Compare Revisions\|url=https://github.com/trevp/double_ratchet/wiki/Home/_compare/6fa4a516b01327d736df1f52014d8b561a18189a...ab41721f9ed7ca0bdac3e24ce9fc573750e0614d\|website=GitHub\|access-date=9 April 2016\|date=30 March 2016}}</ref><ref name="signal-inside-and-out">{{cite web\|last1=Marlinspike\|first1=Moxie\|title=Signal on the outside, Signal on the inside\|url=https://whispersystems.org/blog/signal-inside-and-out/\|publisher=Open Whisper Systems\|access-date=31 March 2016\|date=30 March 2016}}</ref>) is a [[Key (cryptography)\|key]] management [[algorithm]] that was developed by [[Trevor Perrin]] and [[Moxie Marlinspike]] in 2013. It can be used as part of a [[cryptographic protocol]] to provide [[end-to-end encryption]] for [[instant messaging]]. After an initial [[key-agreement protocol\|key exchange]] it manages the ongoing renewal and maintenance of short-lived session keys. It combines a cryptographic so-called "ratchet" based on the [[Diffie–Hellman key exchange]] (DH) and a ratchet based on a [[key derivation function]] (KDF), such as a [[hash function]], and is therefore called a double ratchet. The algorithm provides forward secrecy for messages, and implicit renegotiation of forward keys; properties for which the protocol is named.<ref>{{cite book\|last1=Cohn-Gordon\|first1=K.\|last2=Cremers\|first2=C.\|last3=Garratt\|first3=L.\|title=2016 IEEE 29th Computer Security Foundations Symposium (CSF) \|chapter=On Post-compromise Security \|year=2016\|pages=164–178\|doi=10.1109/CSF.2016.19\|isbn=978-1-5090-2607-4\|s2cid=5703986\|chapter-url=https://ora.ox.ac.uk/objects/uuid:241da365-1c73-4b6a-826c-f122c4c1e1b8}}</ref> == History == The Double Ratchet Algorithm was developed by Trevor Perrin and Moxie Marlinspike ([[Open Whisper Systems]]) in 2013 and introduced as part of the [[Signal Protocol]] in February 2014. The Double Ratchet Algorithm's design is based on the DH ratchet that was introduced by [[Off-the-Record Messaging]] (OTR) and combines it with a symmetric-key ratchet modeled after the [[Silent Circle Instant Messaging Protocol]] (SCIMP). The ratchet was initially named after the critically endangered aquatic salamander [[axolotl]], which has extraordinary self-healing capabilities.<ref>Ksenia Ermoshina, [[Francesca Musiani]]. "Standardising by running code": the Signal protocol and de facto standardisation in end-to-end encrypted messaging. Internet histories, 2019, pp.1-21. �10.1080/24701475.2019.1654697�. �halshs-02319701�</ref> In March 2016, the developers renamed the Axolotl Ratchet as the Double Ratchet Algorithm to better differentiate between the ratchet and the full protocol,<ref name="signal-inside-and-out"/> because some had used the name Axolotl when referring to the Signal Protocol.<ref name="Cohn-Gordon-2016-p1">{{harvnb\|Cohn-Gordon\|Cremers\|Dowling\|Garratt\|2016\|p=1}}</ref><ref name="signal-inside-and-out"/> Line 44: * [[Conversations (software)\|Conversations]]{{efn\|name=OMEMO\|Via the [[OMEMO]] protocol}} * [[Cryptocat]]{{efn\|name=OMEMO}}<ref>{{Cite web\|url=https://crypto.cat/security.html\|title=Security\|publisher=Cryptocat\|access-date=14 July 2016\|archive-url=https://web.archive.org/web/20160407125207/https://crypto.cat/security.html\|archive-date=7 April 2016\|url-status=dead}}</ref> * [[~~Messenger (software)\|~~Facebook Messenger]]{{efn\|Only in "secret conversations"}}{{efn\|name=SIGNAL\|Via the [[Signal Protocol]]}}<ref>{{cite magazine\|last1=Greenberg\|first1=Andy\|url=https://www.wired.com/2016/10/facebook-completely-encrypted-messenger-update-now/\|title=You Can All Finally Encrypt Facebook Messenger, So Do It\|magazine=Wired\|publisher=Condé Nast\|access-date=5 October 2016\|date=4 October 2016}}</ref> * [[G Data CyberDefense\|G Data]] Secure Chat{{efn\|name=SIGNAL}}<ref name="G Data"/><ref>{{cite web\|title=SecureChat\|url=https://github.com/GDATASoftwareAG/SecureChat\|website=GitHub\|publisher=G Data\|access-date=14 July 2016}}</ref> * [[Gajim]]{{efn\|name=OMEMO}} Line 92: * [http://git.matrix.org/git/olm/about/docs/olm.rst Olm]: C++ implementation under the [[Apache license\|Apache 2.0 license]] * [https://matrix-org.github.io/vodozemac/vodozemac/index.html Vodozemac]: Rust implementation of the Olm variation, under the [[Apache license\|Apache 2.0 license]] * {{YouTube\|id=7uEeE3TUqmU\|title=Double ratchet algorithm: The ping-pong game encrypting Signal and WhatsApp}} (exposition) {{Cryptography navbox \| public-key}}